<?php
  function newComment($url, $content, $parent_id) {
    $return_string = "";

    if (!isset($_SESSION['user_name'])) {
      $return_string .= "<returncode>0</returncode>\n";
      $return_string .= "<errormessage>You're not logged in!</errormessage>\n";
      return $return_string;
    }

    $query = "SELECT id FROM WebPage WHERE url = '" . $url . "'";
    $result = mysql_query($query);
    
    if (mysql_num_rows($result) == 0) {
      $query2 = "INSERT INTO WebPage(url) VALUES('" . $url . "')";
      $result = mysql_query($query2);
      $result = mysql_query($query);
    }

    $result_row = mysql_fetch_assoc($result);
    $webpage_id = $result_row['id'];

    $return_string .= "<returncode>1</returncode>\n";
    $user_id = $_SESSION['user_id'];

    if ($parent_id > -1) {
      $parent_id = (int)(substr($parent_id, 8));
      $query = "INSERT INTO Comment(user_id, webpage_id, text, parent_id) "
             . "VALUES(" . $user_id . "," . $webpage_id . ",'" . $content 
             . "'," . $parent_id . ")";
    } else {
      $query = "INSERT INTO Comment(user_id, webpage_id, text) "
             . "VALUES(" . $user_id . "," . $webpage_id . ",'" . $content 
             . "')";
    }
    $result = mysql_query($query);
    $return_string .= "<result>$result</result>";
    return $return_string;
  }

?>
